Is the Compliance Platform required?

Yes. The platform is the required base of every episki workspace — frameworks, controls, evidence, policies, reporting, and the AI orchestration runtime all live here. Optional modules like Risk, TPRM, and Trust add specialty agent skills on top of it.

Which frameworks does the platform support?

SOC 2, ISO 27001, HIPAA, PCI DSS, NIST CSF, CMMC, GDPR, and your own custom frameworks — with no per-framework fees. Controls map across frameworks so evidence collected once can satisfy many.

Do SSO and an API come with every plan?

Yes. SAML SSO and SCIM provisioning are included on every plan, along with a full REST API and webhooks for anything you'd rather automate yourself.

Compliance Platform

Every program in one workspace

The required base for every episki workspace. Frameworks, controls, evidence, policies, and reporting live in the same workspace where your agents run — wired together by default, not by integration.

Start free trial See pricing

What you get

Unlimited frameworks

Map controls across SOC 2, ISO 27001, HIPAA, PCI DSS, NIST CSF, CMMC, and your custom frameworks — without per-framework fees.

Evidence store + audit log

Every artifact, every action, every approval — versioned and queryable. Auditor portals scoped per assessment.

Policy management

Author, version, and approve policies inline. Delegate approval to the right owner. Publish to your trust center in one click.

Reporting & dashboards

Live posture, control coverage, evidence freshness, and team velocity. Export for board updates without copy-paste.

SSO, SCIM, API

SAML SSO and SCIM provisioning on every plan. Full REST API and webhooks for the things you'd rather automate yourself.

AI orchestration runtime

Agent chat, plans, step-runs, approvals, and safety floors — the substrate the rest of the platform runs on.

Agents at work

Agents inside every workflow

The platform ships with general-purpose agents for the core compliance lifecycle. Add modules to unlock specialty skills.

Draft and revise policies aligned to your frameworks
Map controls across frameworks with crosswalks
Summarize evidence into auditor-ready narratives
Flag stale controls and suggest remediation owners

Learn how agents work

Frameworks supported

SOC 2ISO 27001HIPAAPCI DSSNIST CSFCMMCGDPRCustom

Pricing for this module

Compliance Platform

Includes +2M tokens/month

Required base; included on every workspace.

$7,500

/year · $750/mo

See all pricing Start free trial

Compliance Platform — frequently asked questions

More on Compliance Platform

GRC engineering: treating compliance as software

The compliance team used to live in spreadsheets. GRC engineering treats programs like software — APIs, deterministic recipes, version-controlled policies, agent-authored automation, and audit trails as a side effect.

GRC Resources: Why Governance, Risk & Compliance Is a Business Imperative

GRC isn't a checkbox exercise — it's the infrastructure that connects security decisions to business outcomes. Here's why security leaders are rethinking how they resource their GRC programs.

Best GRC Tools in 2026

The best GRC tools in 2026 — 10 platforms compared on pricing, frameworks, automation, integrations, and fit for startups through enterprise.

State of GRC 2026: Benchmarks, Trends, and What's Actually Changing

An authoritative look at the state of GRC in 2026 — regulatory shifts, framework adoption, budget benchmarks, automation trends, and what's ahead for 2027.

Start with the platform

Spin up a workspace, invite your team, and let an agent draft your first policy in under five minutes.

Start free trial Book a demo